Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/RGY9PJuk3WkCA8thbIYfHGofnF0.roa
File: RGY9PJuk3WkCA8thbIYfHGofnF0.roa (raw, json)
Hash identifier: Rld+iOFplKoAvRND0kLw/h88EtDKx013TgsOCt7QV6Q=
Subject key identifier: 44:66:3D:3C:9B:A4:DD:69:02:03:CB:61:6C:86:1F:1C:6A:1F:9C:5D
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018C99056B2570C9CE9AF106D14546BBB4A2
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/RGY9PJuk3WkCA8thbIYfHGofnF0.roa
Signing time: Sat 23 Dec 2023 23:31:58 +0000
ROA not before: Sat 23 Dec 2023 23:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44947
IP address blocks: 128.65.166.0/24 maxlen: 24
128.65.167.0/24 maxlen: 24
128.65.168.0/24 maxlen: 24
128.65.169.0/24 maxlen: 24
128.65.170.0/24 maxlen: 24
128.65.171.0/24 maxlen: 24
128.65.172.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:99:05:6b:25:70:c9:ce:9a:f1:06:d1:45:46:bb:b4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Dec 23 23:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44663d3c9ba4dd690203cb616c861f1c6a1f9c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ab:7c:c2:6e:ce:7f:55:ba:2d:7b:d6:ff:21:
f4:18:6d:9a:8e:e0:af:04:ff:13:87:7e:1c:c7:61:
f0:ad:01:5e:2d:d1:d1:44:85:dc:f7:a1:c0:5b:80:
9b:4a:f0:e5:8a:7b:14:6a:6c:d5:6a:0a:b0:51:9e:
9f:8a:02:20:ef:e5:32:a9:ec:e2:03:0b:69:86:2b:
91:05:ae:58:d9:c5:6b:ee:8e:ef:ae:33:c3:3b:3a:
0a:42:17:01:0c:87:ac:b7:ce:e2:fd:5d:a4:58:c0:
73:03:ab:65:19:6e:ab:22:d7:37:4a:74:a0:42:8b:
8e:f3:55:d4:8c:83:8f:cf:7d:8c:bc:e2:09:5a:05:
c8:51:18:b0:e1:0b:d7:3a:a0:f1:a5:43:ce:f4:d8:
82:2f:ae:d1:75:44:14:f1:36:21:61:7c:fb:2d:ec:
eb:83:ff:be:ba:09:03:b6:bd:bb:ce:91:98:4d:c7:
46:1c:8a:9a:ee:ab:6c:ed:37:a9:7d:66:98:a1:de:
b5:cf:db:21:65:33:36:07:06:6f:c5:d1:d2:6a:e8:
60:fa:79:f3:01:2c:22:15:69:c5:c9:cc:a7:42:64:
86:5c:80:f4:73:61:e8:61:21:41:e9:1e:cf:eb:26:
b0:a0:36:78:82:1c:41:51:5b:5c:3c:11:83:2b:74:
eb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:66:3D:3C:9B:A4:DD:69:02:03:CB:61:6C:86:1F:1C:6A:1F:9C:5D
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/RGY9PJuk3WkCA8thbIYfHGofnF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.166.0-128.65.175.255
Signature Algorithm: sha256WithRSAEncryption
24:e3:5e:fe:ad:77:29:81:0c:95:3f:cb:f5:c2:cb:8c:09:99:
60:17:ee:55:1c:bc:86:d1:6b:7f:13:94:f6:88:3e:c6:9d:17:
2d:b8:f9:e9:90:c5:67:d2:dd:b3:dd:c2:a4:39:ce:8d:8e:00:
63:00:94:e2:1d:89:56:df:9b:11:21:7f:7f:02:4e:a6:46:d5:
d2:0f:4c:1d:1e:63:2a:58:ef:8f:53:c5:35:c6:42:4f:0b:f4:
1b:22:0e:4a:8f:65:73:15:e4:7c:84:3a:a6:2c:d4:b7:d2:dd:
53:2e:cc:42:5a:be:10:e7:17:8b:6f:82:13:2a:cb:9e:ad:72:
b8:f2:6b:5b:ce:f0:1e:fe:9f:aa:27:82:cc:96:00:e6:3f:10:
f7:a7:84:f6:14:1a:d8:c1:62:06:48:1b:80:6e:3e:62:b7:88:
82:67:c9:2c:7a:8f:7b:47:97:bd:ac:3c:d5:02:aa:67:05:56:
cf:fc:5e:ef:0c:ad:de:a7:5d:0e:0f:38:f9:1a:4c:23:31:88:
1b:12:39:5e:cf:70:f3:3f:4b:d8:50:a9:70:42:77:35:da:5c:
04:99:46:82:64:34:f8:c5:11:40:dd:61:97:9c:ea:b4:4a:bd:
96:c7:26:a9:63:d7:05:ae:58:5d:e5:01:1b:d0:ec:cc:6c:9f:
10:68:63:de
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyZBWslcMnOmvEG0UVGu7SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMxMjIzMjMzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDY2M2QzYzliYTRkZDY5MDIwM2NiNjE2Yzg2MWYxYzZhMWY5YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKt8wm7Of1W6LXvW/yH0GG2ajuCv
BP8Th34cx2HwrQFeLdHRRIXc96HAW4CbSvDlinsUamzVagqwUZ6figIg7+Uyqezi
AwtphiuRBa5Y2cVr7o7vrjPDOzoKQhcBDIest87i/V2kWMBzA6tlGW6rItc3SnSg
QouO81XUjIOPz32MvOIJWgXIURiw4QvXOqDxpUPO9NiCL67RdUQU8TYhYXz7Lezr
g/++ugkDtr27zpGYTcdGHIqa7qts7TepfWaYod61z9shZTM2BwZvxdHSauhg+nnz
ASwiFWnFycynQmSGXID0c2HoYSFB6R7P6yawoDZ4ghxBUVtcPBGDK3TrMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFERmPTybpN1pAgPLYWyGHxxqH5xdMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvUkdZOVBKdWszV2tDQTh0aGJJWWZIR29mbkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGAQaYD
BASAQaAwDQYJKoZIhvcNAQELBQADggEBACTjXv6tdymBDJU/y/XCy4wJmWAX7lUc
vIbRa38TlPaIPsadFy24+emQxWfS3bPdwqQ5zo2OAGMAlOIdiVbfmxEhf38CTqZG
1dIPTB0eYypY749TxTXGQk8L9BsiDkqPZXMV5HyEOqYs1LfS3VMuzEJavhDnF4tv
ghMqy56tcrjya1vO8B7+n6ongsyWAOY/EPenhPYUGtjBYgZIG4BuPmK3iIJnySx6
j3tHl72sPNUCqmcFVs/8Xu8Mrd6nXQ4POPkaTCMxiBsSOV7PcPM/S9hQqXBCdzXa
XASZRoJkNPjFEUDdYZec6rRKvZbHJqlj1wWuWF3lARvQ7MxsnxBoY94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org